Solved

PasswordFormat Only Accepts Clear

Posted on 2011-02-18
3
377 Views
Last Modified: 2013-12-17
Hello,

I am trying to create a simple web page that uses SHA1-encrypted Forms authentication. However, I cannot get it to work.

web.config:

<authentication mode="Forms">
	<forms>
		<credentials passwordFormat="SHA1">
			<user name="user" password="hashedpwd"/>
	        </credentials>
        </forms>
</authentication>

Open in new window


Login page:

string userName = Login1.UserName;
string password = Login1.Password;
string hashpwd = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1");
e.Authenticated = FormsAuthentication.Authenticate(userName, hashpwd);

Open in new window


When I try to login, it says the login was unsuccessful, but I have properly compared the hashed code entered in web.config and hashpwd.

Can anybody assist with this?
0
Comment
Question by:s_magic
  • 2
3 Comments
 
LVL 19

Expert Comment

by:Shahan Ayyub
ID: 34932839
0
 
LVL 1

Accepted Solution

by:
s_magic earned 0 total points
ID: 34943671
Hello,

These sites already assisted me in getting the code I currently have.

I was able to resolve the issue. This site is a virtual directory inside another site, which had its own web.config file. That web.config file appears to have been conflicting with the web.config file I used for this project, as every time I put in the hashed password, it would cause a generic ASP error page. The main site does nothing right now, and I don't see it doing anything in the future, so I deleted the web.config file, and now my SHA1-encrypted form works. I think I remember reading somewhere online about conflicting web.config files, so this would make sense.
0
 
LVL 1

Author Closing Comment

by:s_magic
ID: 34986423
My steps in troubleshooting resolved the issue I was experiencing. The lone answer provided by an Expert were solutions that I had already discovered and worked through, however they were not showing desired results.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now